From fbaf0bb26397aa498eb9156f06d5a6fe34dd7dd8 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Fri, 19 Apr 2024 03:14:29 +0200
Subject: Merging upstream version 125.0.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 ...-exceed-former-entry-limit.tentative.https.html | 52 ++++++++++++++++++++++
 ...et-credentials-include.tentative.https.sub.html | 39 ++++++++++++++++
 ...rklet-credentials-omit.tentative.https.sub.html | 38 ++++++++++++++++
 ...redentials-same-origin.tentative.https.sub.html | 38 ++++++++++++++++
 ...trol-allow-credentials.tentative.https.sub.html | 29 ++++++++++++
 ...s-control-allow-origin.tentative.https.sub.html | 28 ++++++++++++
 .../resources/credentials-test-helper.py           |  6 +++
 .../resources/verify-length-module.js              | 18 ++++++++
 ...-exceed-former-entry-limit.tentative.https.html | 52 ++++++++++++++++++++++
 .../setters-long-string.tentative.https.sub.html   | 44 ++++++++++++++++++
 .../setters.tentative.https.sub.html               | 24 ----------
 11 files changed, 344 insertions(+), 24 deletions(-)
 create mode 100644 testing/web-platform/tests/shared-storage/append-exceed-former-entry-limit.tentative.https.html
 create mode 100644 testing/web-platform/tests/shared-storage/cross-origin-create-worklet-credentials-include.tentative.https.sub.html
 create mode 100644 testing/web-platform/tests/shared-storage/cross-origin-create-worklet-credentials-omit.tentative.https.sub.html
 create mode 100644 testing/web-platform/tests/shared-storage/cross-origin-create-worklet-credentials-same-origin.tentative.https.sub.html
 create mode 100644 testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-credentials.tentative.https.sub.html
 create mode 100644 testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html
 create mode 100644 testing/web-platform/tests/shared-storage/resources/verify-length-module.js
 create mode 100644 testing/web-platform/tests/shared-storage/set-exceed-former-entry-limit.tentative.https.html
 create mode 100644 testing/web-platform/tests/shared-storage/setters-long-string.tentative.https.sub.html

(limited to 'testing/web-platform/tests/shared-storage')

diff --git a/testing/web-platform/tests/shared-storage/append-exceed-former-entry-limit.tentative.https.html b/testing/web-platform/tests/shared-storage/append-exceed-former-entry-limit.tentative.https.html
new file mode 100644
index 0000000000..921b9d4573
--- /dev/null
+++ b/testing/web-platform/tests/shared-storage/append-exceed-former-entry-limit.tentative.https.html
@@ -0,0 +1,52 @@
+<!doctype html>
+<meta name="timeout" content="long">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/utils.js"></script>
+<script src="/shared-storage/resources/util.js"></script>
+<script src="/fenced-frame/resources/utils.js"></script>
+
+<body>
+<script>
+'use strict';
+const PREV_ENTRY_LIMIT = 10000;
+
+promise_test(async () => {
+  const ancestor_key = token();
+  let url0 = generateURL("/shared-storage/resources/frame0.html",
+                         [ancestor_key]);
+  let url1 = generateURL("/shared-storage/resources/frame1.html",
+                         [ancestor_key]);
+  let url2 = generateURL("/shared-storage/resources/frame2.html",
+                         [ancestor_key]);
+
+  const numEntriesToAppend = PREV_ENTRY_LIMIT + 1;
+
+  // Create an array of promises.
+  const append_promises = [];
+  for (let i = 0; i < numEntriesToAppend; i++) {
+    append_promises.push(sharedStorage.append(i.toString(), 'x'));
+  }
+
+  // Wait for all promises to resolve in parallel.
+  await Promise.all(append_promises);
+
+  await addModuleOnce("/shared-storage/resources/verify-length-module.js");
+  let select_url_result = await sharedStorage.selectURL(
+      "verify-length", [{url: url0}, {url: url1}, {url: url2}],
+      {data: {'expectedLength': numEntriesToAppend},
+      resolveToConfig: true, keepAlive: true});
+  assert_true(validateSelectURLResult(select_url_result, true));
+  attachFencedFrame(select_url_result, 'opaque-ads');
+
+  // frame1_loaded implies that the legnth is as expected and so the calls to
+  // append() were all successful.
+  assert_equals(await nextValueFromServer(ancestor_key), "frame1_loaded");
+
+  // Clean up.
+  await sharedStorage.clear();
+}, 'sharedStorage.append() is not constrained by the former entry limit of '
+   + PREV_ENTRY_LIMIT.toString());
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-credentials-include.tentative.https.sub.html b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-credentials-include.tentative.https.sub.html
new file mode 100644
index 0000000000..9c44d2a29f
--- /dev/null
+++ b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-credentials-include.tentative.https.sub.html
@@ -0,0 +1,39 @@
+<!doctype html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/utils.js"></script>
+<script src="/shared-storage/resources/util.js"></script>
+<script src="/fenced-frame/resources/utils.js"></script>
+
+<body>
+<script>
+'use strict';
+
+promise_test(async () => {
+  const ancestor_key = token();
+  const crossOrigin = 'https://{{domains[www]}}:{{ports[https][0]}}';
+  const set_cookie_url = crossOrigin + `/cookies/resources/set-cookie.py` +
+                         `?name=key0` +
+                         `&path=/shared-storage/`;
+  const helper_url = crossOrigin +
+                     `/shared-storage/resources/credentials-test-helper.py` +
+                     `?access_control_allow_origin_header=${window.origin}` +
+                     `&access_control_allow_credentials_header=true` +
+                     `&token=${ancestor_key}`;
+
+  await fetch(set_cookie_url, { mode: 'no-cors', credentials: 'include' });
+
+  const worklet = await sharedStorage.createWorklet(
+    helper_url + `&action=store-cookie`,
+    { credentials: "include" });
+
+  const request_cookie_fetch_response =
+    await fetch(helper_url + `&action=get-cookie`);
+
+  const request_cookie_text = await request_cookie_fetch_response.text();
+
+  assert_equals(request_cookie_text, "key0=1");
+}, 'createWorklet() with cross-origin module script and credentials "include"');
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-credentials-omit.tentative.https.sub.html b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-credentials-omit.tentative.https.sub.html
new file mode 100644
index 0000000000..ddda1809f2
--- /dev/null
+++ b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-credentials-omit.tentative.https.sub.html
@@ -0,0 +1,38 @@
+<!doctype html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/utils.js"></script>
+<script src="/shared-storage/resources/util.js"></script>
+<script src="/fenced-frame/resources/utils.js"></script>
+
+<body>
+<script>
+'use strict';
+
+promise_test(async () => {
+  const ancestor_key = token();
+  const crossOrigin = 'https://{{domains[www]}}:{{ports[https][0]}}';
+  const set_cookie_url = crossOrigin + `/cookies/resources/set-cookie.py` +
+                         `?name=key0` +
+                         `&path=/shared-storage/`;
+  const helper_url = crossOrigin +
+                     `/shared-storage/resources/credentials-test-helper.py` +
+                     `?access_control_allow_origin_header=${window.origin}` +
+                     `&token=${ancestor_key}`;
+
+  await fetch(set_cookie_url, { mode: 'no-cors', credentials: 'include' });
+
+  const worklet = await sharedStorage.createWorklet(
+    helper_url + `&action=store-cookie`,
+    { credentials: "omit" });
+
+  const request_cookie_fetch_response =
+    await fetch(helper_url + `&action=get-cookie`);
+
+  const request_cookie_text = await request_cookie_fetch_response.text();
+
+  assert_equals(request_cookie_text, "NO_COOKIE_HEADER");
+}, 'createWorklet() with cross-origin module script and credentials "omit"');
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-credentials-same-origin.tentative.https.sub.html b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-credentials-same-origin.tentative.https.sub.html
new file mode 100644
index 0000000000..99701d2b7d
--- /dev/null
+++ b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-credentials-same-origin.tentative.https.sub.html
@@ -0,0 +1,38 @@
+<!doctype html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/utils.js"></script>
+<script src="/shared-storage/resources/util.js"></script>
+<script src="/fenced-frame/resources/utils.js"></script>
+
+<body>
+<script>
+'use strict';
+
+promise_test(async () => {
+  const ancestor_key = token();
+  const crossOrigin = 'https://{{domains[www]}}:{{ports[https][0]}}';
+  const set_cookie_url = crossOrigin + `/cookies/resources/set-cookie.py` +
+                         `?name=key0` +
+                         `&path=/shared-storage/`;
+  const helper_url = crossOrigin +
+                     `/shared-storage/resources/credentials-test-helper.py` +
+                     `?access_control_allow_origin_header=${window.origin}` +
+                     `&token=${ancestor_key}`;
+
+  await fetch(set_cookie_url, { mode: 'no-cors', credentials: 'include' });
+
+  const worklet = await sharedStorage.createWorklet(
+    helper_url + `&action=store-cookie`,
+    { credentials: "same-origin" });
+
+  const request_cookie_fetch_response =
+    await fetch(helper_url + `&action=get-cookie`);
+
+  const request_cookie_text = await request_cookie_fetch_response.text();
+
+  assert_equals(request_cookie_text, "NO_COOKIE_HEADER");
+}, 'createWorklet() with cross-origin module script and credentials "same-origin"');
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-credentials.tentative.https.sub.html b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-credentials.tentative.https.sub.html
new file mode 100644
index 0000000000..598fd8f405
--- /dev/null
+++ b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-credentials.tentative.https.sub.html
@@ -0,0 +1,29 @@
+<!doctype html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/utils.js"></script>
+<script src="/shared-storage/resources/util.js"></script>
+<script src="/fenced-frame/resources/utils.js"></script>
+
+<body>
+<script>
+'use strict';
+
+promise_test(async t => {
+  const ancestor_key = token();
+  const crossOrigin = 'https://{{domains[www]}}:{{ports[https][0]}}';
+  const helper_url = crossOrigin +
+                     `/shared-storage/resources/credentials-test-helper.py` +
+                     `?access_control_allow_origin_header=${window.origin}` +
+                     `&token=${ancestor_key}`;
+
+  return promise_rejects_dom(t, "OperationError",
+    sharedStorage.createWorklet(
+      helper_url + `&action=store-cookie`,
+      { credentials: "include" }));
+}, 'createWorklet() with cross-origin module script and credentials ' +
+   '"include", and without the Access-Control-Allow-Credentials response ' +
+   'header');
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html
new file mode 100644
index 0000000000..4195d09fc0
--- /dev/null
+++ b/testing/web-platform/tests/shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html
@@ -0,0 +1,28 @@
+<!doctype html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/utils.js"></script>
+<script src="/shared-storage/resources/util.js"></script>
+<script src="/fenced-frame/resources/utils.js"></script>
+
+<body>
+<script>
+'use strict';
+
+promise_test(async t => {
+  const ancestor_key = token();
+  const crossOrigin = 'https://{{domains[www]}}:{{ports[https][0]}}';
+  const helper_url = crossOrigin +
+                     `/shared-storage/resources/credentials-test-helper.py` +
+                     `&access_control_allow_credentials_header=true` +
+                     `&token=${ancestor_key}`;
+
+  return promise_rejects_dom(t, "OperationError",
+    sharedStorage.createWorklet(
+      helper_url + `&action=store-cookie`,
+      { credentials: "include" }));
+}, 'createWorklet() with cross-origin module script and credentials ' +
+   '"include", and without the Access-Control-Allow-Origin response header');
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/shared-storage/resources/credentials-test-helper.py b/testing/web-platform/tests/shared-storage/resources/credentials-test-helper.py
index 81a988e358..46fc0ea6fb 100644
--- a/testing/web-platform/tests/shared-storage/resources/credentials-test-helper.py
+++ b/testing/web-platform/tests/shared-storage/resources/credentials-test-helper.py
@@ -13,6 +13,12 @@ def main(request, response):
     response.status = 200
     response.headers.append(b"Content-Type", b"text/javascript")
 
+    if b"access_control_allow_credentials_header" in request.GET:
+      response.headers.append(b"Access-Control-Allow-Credentials", request.GET[b"access_control_allow_credentials_header"])
+
+    if b"access_control_allow_origin_header" in request.GET:
+      response.headers.append(b"Access-Control-Allow-Origin", request.GET[b"access_control_allow_origin_header"])
+
     if action == b"store-cookie":
       cookie = request.headers.get(b"Cookie", b"NO_COOKIE_HEADER")
       request.server.stash.put(token, cookie)
diff --git a/testing/web-platform/tests/shared-storage/resources/verify-length-module.js b/testing/web-platform/tests/shared-storage/resources/verify-length-module.js
new file mode 100644
index 0000000000..8ba10fbcb6
--- /dev/null
+++ b/testing/web-platform/tests/shared-storage/resources/verify-length-module.js
@@ -0,0 +1,18 @@
+// Copyright 2024 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+class VerifyLength {
+  async run(urls, data) {
+    if (data && data.hasOwnProperty('expectedLength')) {
+      const expectedLength = data['expectedLength'];
+      const actualLength = await sharedStorage.length();
+      if (actualLength === expectedLength) {
+        return 1;
+      }
+    }
+    return -1;
+  }
+}
+
+register('verify-length', VerifyLength);
diff --git a/testing/web-platform/tests/shared-storage/set-exceed-former-entry-limit.tentative.https.html b/testing/web-platform/tests/shared-storage/set-exceed-former-entry-limit.tentative.https.html
new file mode 100644
index 0000000000..b78abbf1ef
--- /dev/null
+++ b/testing/web-platform/tests/shared-storage/set-exceed-former-entry-limit.tentative.https.html
@@ -0,0 +1,52 @@
+<!doctype html>
+<meta name="timeout" content="long">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/utils.js"></script>
+<script src="/shared-storage/resources/util.js"></script>
+<script src="/fenced-frame/resources/utils.js"></script>
+
+<body>
+<script>
+'use strict';
+const PREV_ENTRY_LIMIT = 10000;
+
+promise_test(async () => {
+  const ancestor_key = token();
+  let url0 = generateURL("/shared-storage/resources/frame0.html",
+                         [ancestor_key]);
+  let url1 = generateURL("/shared-storage/resources/frame1.html",
+                         [ancestor_key]);
+  let url2 = generateURL("/shared-storage/resources/frame2.html",
+                         [ancestor_key]);
+
+  const numEntriesToSet = PREV_ENTRY_LIMIT + 1;
+
+  // Create an array of promises.
+  const set_promises = [];
+  for (let i = 0; i < numEntriesToSet; i++) {
+    set_promises.push(sharedStorage.set(i.toString(), 'x'));
+  }
+
+  // Wait for all promises to resolve in parallel.
+  await Promise.all(set_promises);
+
+  await addModuleOnce("/shared-storage/resources/verify-length-module.js");
+  let select_url_result = await sharedStorage.selectURL(
+      "verify-length", [{url: url0}, {url: url1}, {url: url2}],
+      {data: {'expectedLength': numEntriesToSet},
+      resolveToConfig: true, keepAlive: true});
+  assert_true(validateSelectURLResult(select_url_result, true));
+  attachFencedFrame(select_url_result, 'opaque-ads');
+
+  // frame1_loaded implies that the legnth is as expected and so the calls to
+  // set() were all successful.
+  assert_equals(await nextValueFromServer(ancestor_key), "frame1_loaded");
+
+  // Clean up.
+  await sharedStorage.clear();
+}, 'sharedStorage.set() is not constrained by the former entry limit of '
+   + PREV_ENTRY_LIMIT.toString());
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/shared-storage/setters-long-string.tentative.https.sub.html b/testing/web-platform/tests/shared-storage/setters-long-string.tentative.https.sub.html
new file mode 100644
index 0000000000..69b66a53a0
--- /dev/null
+++ b/testing/web-platform/tests/shared-storage/setters-long-string.tentative.https.sub.html
@@ -0,0 +1,44 @@
+<!doctype html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+
+<body>
+<script>
+'use strict';
+
+promise_test(async t => {
+  try {
+    await sharedStorage.set('a'.repeat(2621441), 'b');
+  } catch (e) {
+    assert_equals(e.name, 'DataError');
+    return;
+  }
+  assert_unreached("did not reject");
+}, 'sharedStorage.set with key length too big');
+
+promise_test(async t => {
+  try {
+    await sharedStorage.set('a', 'b'.repeat(2621441));
+  } catch (e) {
+    assert_equals(e.name, 'DataError');
+    return;
+  }
+  assert_unreached("did not reject");
+}, 'sharedStorage.set with value length too big');
+
+promise_test(() => {
+  return sharedStorage.set('a'.repeat(2621440), '').then(() => {
+    // Clean up.
+    sharedStorage.delete('a'.repeat(2621440));
+  });
+}, 'sharedStorage.set with max allowed key length');
+
+promise_test(() => {
+  return sharedStorage.set('a', 'b'.repeat(2621439)).then(() => {
+    // Clean up.
+    sharedStorage.delete('a');
+  });
+}, 'sharedStorage.set with max allowed value length');
+
+</script>
+</body>
diff --git a/testing/web-platform/tests/shared-storage/setters.tentative.https.sub.html b/testing/web-platform/tests/shared-storage/setters.tentative.https.sub.html
index ffc4bfbd7d..891f8a7acb 100644
--- a/testing/web-platform/tests/shared-storage/setters.tentative.https.sub.html
+++ b/testing/web-platform/tests/shared-storage/setters.tentative.https.sub.html
@@ -26,10 +26,6 @@ promise_test(async t => {
   return promise_rejects_js(t, TypeError, sharedStorage.set("a", "b", "c"));
 }, 'sharedStorage.set with invalid options');
 
-promise_test(() => {
-  return sharedStorage.set('a'.repeat(1024), 'b'.repeat(1024));
-}, 'sharedStorage.set with max allowed key and value length');
-
 promise_test(async t => {
   try {
       await sharedStorage.set('', 'b');
@@ -40,26 +36,6 @@ promise_test(async t => {
   assert_unreached("did not reject");
 }, 'sharedStorage.set with empty key');
 
-promise_test(async t => {
-  try {
-      await sharedStorage.set('a'.repeat(1025), 'b');
-  } catch (e) {
-    assert_equals(e.name, 'DataError');
-    return;
-  }
-  assert_unreached("did not reject");
-}, 'sharedStorage.set with key length too big');
-
-promise_test(async t => {
-  try {
-      await sharedStorage.set('a', 'b'.repeat(1025));
-  } catch (e) {
-    assert_equals(e.name, 'DataError');
-    return;
-  }
-  assert_unreached("did not reject");
-}, 'sharedStorage.set with value length too big');
-
 promise_test(() => {
   return sharedStorage.append("a", "b");
 }, 'sharedStorage.append');
-- 
cgit v1.2.3